Portal de Periódicos da CAPES

Towards RPL Attacks and Mitigation Taxonomy: Systematic Literature Review Approach

2024; Institute of Electrical and Electronics Engineers; Volume: 21; Issue: 5 Linguagem: Inglês

10.1109/tnsm.2024.3386468

2373-7379

Hussah Albinali, Farag Azzedin,

Web Application Security Vulnerabilities

The RPL protocol was initially created to connect multiple IP-based communication applications in low-power and lossy network environments. However, it has become a target for numerous attacks, which have sparked a need for researchers to develop effective security measures. In this article, we conduct a comprehensive literature review covering 175 papers on RPL attacks and their mitigation solutions. Our rigorous selection process provides a deep understanding of how RPL is exploited for different attacks and the solutions designed to mitigate such attacks. Our study proposes RPL attacks taxonomy based on the attack vector, along with mitigation solutions taxonomy. RPL attacks are classified based on the attack vector, such as generating, dropping, modifying, or replaying specific control messages. The mitigation solutions include authenticating, updating, discarding, encrypting, and isolating attacking nodes. Furthermore, we presented evaluation metrics in the literature to evaluate the performance of mitigation solutions. Besides, we proposed efficiency criteria to assess mitigation solutions' efficiency. The review aims to uncover innovative techniques that can effectively safeguard networks against routing attacks.